P
US9843580B2ActiveUtilityPatentIndex 82

RFID authentication architecture and methods for RFID authentication

Assignee: NEOLOGY INCPriority: Jan 30, 2008Filed: Jan 4, 2016Granted: Dec 12, 2017
Est. expiryJan 30, 2028(~1.6 yrs left)· nominal 20-yr term from priority
Inventors:FAIRBANKS JOHNMORAN DOUGLASLIU JUN
H04L 63/123H04L 63/0869H04L 9/0822H04L 63/0853H04L 9/3273H04L 2209/805H04L 9/0863H04L 9/16H04L 9/3226H04L 63/083H04W 12/06H04W 12/068
82
PatentIndex Score
7
Cited by
16
References
20
Claims

Abstract

A method for mutual authentication in an RFID system comprising an RFID reader and an RFID tag, the method comprising requesting an identification from the tag, receiving the identification, using the received identification to select a password associated with the identification, generating a password key based on the selected password, encrypting the selected password using the password key, and transmitting the encrypted password to the tag.

Claims

exact text as granted — not AI-modified
What is claimed: 
     
       1. A Radio frequency identification (RFID) reader for mutual authentication in a RFID system comprising the RFID reader and an RFID tag, the RFID reader configured to:
 request an identifier from the RHD tag; 
 receive the identifier; 
 select a password based at least in part on the identifier; 
 select a first of a plurality of indexed mathematical kernels, wherein the first mathematical kernel comprises a first parameter set; 
 use the first mathematical kernel to generate a first password key 
 encrypt the password using the first password key; and 
 transmit the password encrypted using the first password key to the RFID tag. 
 
     
     
       2. The RFID reader of  claim 1 , further configured to:
 receive an acknowledgement (ACK) from the RFID tag indicating that the RFID tag was able to successfully verify the password encrypted using the first password; 
 generate a read memory request in response to the ACK received from the RFID tag; 
 transmit the read memory request to the RFID tag; and 
 receive data from the RHD tag in response to the read memory request. 
 
     
     
       3. The RFID reader of  claim 1 , further configured to:
 receive a negative acknowledgement (NACK) from the RHD tag indicating that the RFID tag was not able to successfully verify the password encrypted using the first password key; 
 select, in response to receiving the NACK from the RFID tag, a second of the plurality of indexed mathematical kernels, wherein the second mathematical kernel comprises a second parameter set; 
 transmit an index corresponding to the second indexed mathematical kernel to the RFID tag; 
 receive a first acknowledgement (ACK) from the RFID tag indicating receipt of the index; 
 use the second mathematical kernel to generate a second password key; 
 encrypt the password using the second password key; and 
 transmit the password encrypted using the second password key to the RFID tag. 
 
     
     
       4. The RFID reader of  claim 3 , further configured to:
 receive a second ACK from the RFID tag indicating that the tag was able to successfully verify the password encrypted using the second password key; 
 generate a read memory request in response to the second ACK received from the RFID tag; 
 transmit the read memory request to the RFID tag; and 
 receive data from the RFID tag in response to the read memory request. 
 
     
     
       5. The RFID reader of  claim 1 , further configured to scramble the password key. 
     
     
       6. The RFID reader of  claim 5 , further configured to scramble the password key based on one of a plurality of indexed scrambling logic. 
     
     
       7. The RFID reader of  claim 5 , further configured to scramble the password key by shuffling at least a portion of a plurality of bits comprising the password key. 
     
     
       8. The RFID reader of  claim 5 , further configured to scramble of the password key by exchanging at least a portion of a plurality of bits comprising the password key. 
     
     
       9. The RFID reader of  claim 5 , further configured to scramble the password key by altering at least a portion of a plurality of bits comprising the password key. 
     
     
       10. The RFID reader of  claim 1 , further configured to use the first mathematical kernel to generate the first password key by running a pseudorandom sequence generator (PRSG) based at least in part on the first parameter set, wherein a length of the PRSG corresponds to a length of the password. 
     
     
       11. A Radio frequency identification (RFID) tag for mutual authentication in a radio frequency identification (RFID) system comprising an RFID reader and the RFID tag, the RFID tag configured to:
 provide an identifier to the RHD reader; 
 in response to providing the identifier, receive, from the RHD reader, a password encrypted using a first password key generated using a first of a plurality of indexed mathematical kernels, wherein the first mathematical kernel comprises a first parameter set; 
 verify the password encrypted using the first password key; 
 in response to successfully verifying the password encrypted using the first password key, transmit a first acknowledgement (ACK) to the RFID reader; 
 receive, from the RFID reader, a first read memory request in response to the first ACK; and 
 transmit at least a portion of the data stored at the RHD tag to the RFID reader in response to the first read memory request. 
 
     
     
       12. The RFID tag of  claim 11 , further configured to:
 in response to not successfully verifying the password encrypted using the first password key, transmit a negative acknowledgement (NACK) to the RFID reader; 
 receive, from the RHD reader, an index corresponding to a second of the plurality of indexed mathematical kernels in response to the NACK, wherein the second mathematical kernel comprises a second parameter set; 
 transmit, to the RFID reader, a second ACK in response to receiving the index from the RFID reader; 
 receive, from the RFID reader, the password encrypted using a second password key generated using the second mathematical kernel; 
 verify the password encrypted using the second password key; 
 in response to successfully verifying the password encrypted using the second password key, transmit a third ACK to the RHD reader; 
 receive a second read memory request from the RFID reader in response to the third ACK; and 
 transmit at least a portion of he data stored at he RFID tag to the RFID reader in response to the second read memory request. 
 
     
     
       13. The RFID tag of  claim 12 , further configured to verify the password encrypted using the second password key by:
 identifying the second mathematical kernel based at least in part on the index received from the RFD reader; 
 decrypting the password encrypted using the second password key based on a password key corresponding to the second mathematical kernel; and 
 comparing the decrypted password to a password stored at the RFID tag. 
 
     
     
       14. The RFID tag of  claim 12 , further configured to:
 determine a number unsuccessful attempts to verify encrypted passwords received from the RFID reader: and 
 in response to determining that the number of unsuccessful attempts exceeds a predetermined threshold, enter a sleep state. 
 
     
     
       15. The RFID tag of  claim 11 , wherein the first password key is scrambled based on one of a plurality of scrambling logic. 
     
     
       16. The RFID tag of  claim 15 , wherein the password key is scrambled by shuffling at least a portion of a plurality of bits comprising the password key. 
     
     
       17. The RFID tag of  claim 15 , wherein the password key is scrambled by exchanging at least a portion of a plurality of bits comprising the password key. 
     
     
       18. The RFID tag of  claim 15 , wherein the password key is scrambled by altering at least a portion of a plurality of bits comprising the password key. 
     
     
       19. The RFID tag of  claim 11 , further configured to use the first mathematical kernel to generate the first password key by running a pseudorandom sequence generator (PRSG) based at least in part on the first parameter set, wherein a length of the PRSG corresponds to a length of the password. 
     
     
       20. The RFID tag of  claim 11 , further configured to verify the password encrypted using the first password key by:
 decrypting the password encrypted using the first password key based on a password key corresponding to a last known mathematical kernel; and 
 comparing the decrypted password to a password stored at the RFID tag.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.